Define multi-core specific memory check in Isolation Level 2 policy and APIs
Open, Needs TriagePublic

Description

It is unlikely that the secure core can still support CMSE functions in multi-core topology. Thus it requires a specific memory check to replace CMSE memory check functions.
Multi-core specific memory check in Isolation level 2 should complete the following checks

  1. region valid/invalid
  2. Secure/Non-secure check
  3. Privileged/Un-privileged permission check
  4. Read-only/Read-write check
  5. platform specific attribution check if necessary.

The policy and sequence should be kept aligned with the check in single Armv8-M.
APIs should be defined and exported to multi-core topology platform.

Existing memory check in TF-M master branch may be also adjusted since memory check can be more strict in multi-core topology on partner platform.

davidhuziji moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Propose a patch https://review.trustedfirmware.org/c/trusted-firmware-m/+/1718 to split memory check process from other common secure APIs. Thus single Armv8-M and multi-core scenario can implement own process.

davidhuziji moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Aug 12 2019, 2:16 AM
davidhuziji moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Sep 6 2019, 5:14 AM